package com.blog.authentication;





import com.blog.admin.service.SysPermissionsService;
import com.blog.admin.service.SysUserService;
import com.blog.admin.vo.SysUserVO;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;


import java.util.HashSet;
import java.util.Set;

/**
 * @author tangqj
 * @Description
 * @create 2019/8/16 14:17
 */

public class MyShiroRealm extends AuthorizingRealm {

    @Autowired
    SysUserService sysUserService;
    @Autowired
    SysPermissionsService sysPermissionsService;
    /**
     * 方面用于加密 参数：AuthenticationToken是从表单穿过来封装好的对象
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 将AuthenticationToken强转为AuthenticationToken对象
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        // 获得从表单传过来的用户名
        String username = upToken.getUsername();
        String password =  new String(upToken.getPassword());
        //解密
//        String dd = PasswordUtil.decrypt(password,username,PasswordUtil.getStaticSalt());
        //获取用户信息
        SysUserVO sysUserVO = sysUserService.getUserByUsername(username);
        // 从数据库中查询的密码
        String realmName = this.getName();
        // 创建SimpleAuthenticationInfo对象，并且把username和password等信息封装到里面
        // 用户密码的比对是Shiro帮我们完成的
        SimpleAuthenticationInfo info = null;
        if (sysUserVO == null){
            throw new UnknownAccountException("用户名或密码错误,请确认后重新输入");
        }
        // 判断账号是否被锁定
        else  if (0 == (sysUserVO.getUserType()!=null?sysUserVO.getUserType():0)){
            throw new  LockedAccountException("账户无权登陆,请联系管理员");
        } else  if (1 == (sysUserVO.getUserType()!=null?sysUserVO.getUserType():0)){
            throw new  LockedAccountException("账户被锁定,请联系管理员");
        } else if (!sysUserVO.getPassword().equals(password)){
            throw new UnknownAccountException("用户名或密码错误,请确认后重新输入");
        }

        info = new SimpleAuthenticationInfo(sysUserVO, sysUserVO.getPassword(), realmName);
        return info;
    }

    // 用于授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("MyShiroRealm的doGetAuthorizationInfo授权方法执行");
        // User user=(User)
        // principals.fromRealm(this.getClass().getName()).iterator().next();//获取session中的用户
        // System.out.println("在MyShiroRealm中AuthorizationInfo（授权）方法中从session中获取的user对象:"+user);
        // 从PrincipalCollection中获得用户信息
        Object principal = principals.getPrimaryPrincipal();
        System.out.println("ShiroRealm  AuthorizationInfo:" + principal.toString());

        // 根据用户名来查询数据库赋予用户角色,权限（查数据库）
        Set<String> roles = new HashSet<>();
        Set<String> permissions = new HashSet<>();

        //更新以上代码
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles);
        //添加权限
        info.setStringPermissions(permissions);
        return info;
        // return null;
    }

    /**
     * 删除缓存
     *
     * @param principals
     */
    @Override
    protected void doClearCache(PrincipalCollection principals) {
        super.doClearCache(principals);
    }

}

